Security Automation and Orchestration

Many Federal organizations are working to enhance their security posture by leveraging DHS’s Continuous Diagnostics and Mitigation (CDM) Phase 1 program to address their security issues, especially those relating to vulnerabilities and patching.

Though Phantom only went GA earlier in 2016, we’ve been working on the technology for nearly 3 years. This investment in our architecture has produced meaningful differences – some of which we’ve covered in past blog posts. One element that is foundational to our architecture is the Phantom App. Apps extend the capabilities of the … Continue reading App Envy? You decide…

Security professionals generally agree that the demand for threat intelligence is growing. With the ability to focus security teams and tools on the most relevant and high-risk threats, the context and tailored priority that threat intelligence feeds provide are undisputed benefits. While it sounds like a win/win situation—the threat intel comes in, it’s applied, and … Continue reading Preventing Threat Intelligence Overload

Though one might question if their origins were for good or evil, botnets have been used for both causes for years. For bad actors, botnets represent a cheap and powerful form of automation. With bots dispersed across a vast network of infected computers and controlled by a Command and Control (C2) server, automation directs the … Continue reading Are You Bringing a Knife to a Gun Fight?

Saint Bernard of Clairvaux supposedly said it back in 1150. He certainly wasn’t thinking about security products when he said it, but the quote may nonetheless apply. Shelfware is a common ailment in the tech industry, and the security segment isn’t immune to the phenomenon. Many a product has been bought, only to gather dust … Continue reading The Road to Hell is Paved with Good Intentions

Last week, I had a chance to catch up with Jon Oltsik at Splunk .Conf in Orlando. Jon frequently covers the emerging security automation and orchestration market. If you are interested in this technology, I recommend following Jon’s blog. Jon also shared a great video recap of his recent research on security automation and orchestration. The … Continue reading IR Automation: Recent Research by ESG